AMADEOS Architecture for Multi-criticality Agile Dependable Evolutionary Open System-of-Systems FP7-ICT-2013.3.4 - Grant Agreement n 610535 The AMADEOS SysML Profile for Cyber-physical Systems-of-Systems P. Lollini
Outline AMADEOS Conceptual modeling Basic concepts and their relationships Viewpoints-driven approach From Conceptual to SysML modeling High-level representation Semi-formalization into the AMADEOS profile Application to toy example Conclusions Page 2
A Conceptual Model It expresses the meaning of terms and concepts used by domain experts to discuss the problem It ensures that problems with different interpretations of the terms and concepts cannot occur It is the basis for subsequent development of applications in a domain Page 3
The AMADEOS conceptual model Establishing a domain specific ontology on Cyber-physical Systems-of-Systems, serving as a vocabulary for the domain of discourse Forming a reference for the AMADEOS work Supporting the definition of a reference architecture for SoSs Supporting the definition of methodologies and techniques to be proved in a concrete case study on smart energy grids Page 4
Basic concepts and relationships Definition of basic SoS concepts Not domain specific Applicable to any SoS Definition of relationships among basic SoS concepts Page 5
From Conceptual to SysML modeling SoS Basic concepts SoS CS emergence. High-level representation Semi-formalization Page 6
Viewpoints composing the model Basic concepts defined according to 7 viewpoints Structure Dynamicity Evolution Dependability and Security Time Multi-criticality Emergence Viewpoints represent core AMADEOS issues Concepts (and viewpoints) have been integrated by defining their relationships Viewpoints approach facilitate the conceptual modeling itself and the design process Page 7
High-level representation Explicates relations among basic SoS concepts per viewpoint Supports their graphical visualization Semantic Boxes represent concepts Arrows represents semantic relationships among concepts (labels in natural language) Page 8
Relating basic SoS concepts in Structure view System-of-Systems (SoS): An SoS is an integration of a finite number of constituent systems (CS) which are independent and operable, and which are networked together for a period of time to achieve a certain higher goal. Constituent System (CS): An autonomous subsystem of an SoS, consisting of computer systems and possibly of a controlled objects and/or human role players that interact to provide a given service. message Syntactic Specification or Semantic Specification relies on contains Information Relied Upon Message Interface (RUMI) allows exchange of exhibits consists of System-of- Systems (SoS) integrates Constituent System (CS) Human or Controlled object or Computer system categorized into Directed SoS or Acknowledged SoS or Collaborative SoS or Virtual SoS Page 9
Dynamicity / Evolution Dynamicity: The property of an entity that is constantly changing in terms of offered services, built-in structure and interactions with other entities. Managed SoS evolution: Process of modifying the SoS to keep it relevant in face of an ever-changing environment. Business value: Overarching concept to denote the performance, impact, usefulness, etc. of the functioning of the SoS Page 10
Dependability / Security / Multi-criticality Critical service: A critical service is the service of a system that requires a specific criticality level. Criticality level: The criticality level is the level of assurance against failure. Page 11
Time / Emergence Clock: A (digital) clock is an autonomous system that consists of an oscillator and a register. Whenever the oscillator completes a period, an event is generated that increments the register. Reference clock: A hypothetical clock of a granularity smaller than any duration of interest and whose state is in agreement with TAI. Emergence: A phenomenon of a whole at the macro-level is emergent if and only if it is new with respect to the non-relational phenomena of any of its proper parts at the micro level. Weak emergence: if a trans-ordinal law that explains the occurrence of the emergent phenomenon at the macro level out of the properties and interactions of the parts at the adjacent micro level is known. Strong Emergence: if, after a careful analysis of the emergent phenomenon, no trans-ordinal law that explains. is known (at least at present). Page 12
Towards a semi-formal representation Describe AMADEOS viewpoints via a SysML profile UML-like representation Improve the understanding by using different levels of abstraction and different views Foster information sharing and reuse among SoS stakeholders Enable analysis and experimentation at early stage of the SoS lifecycle process Page 13
AMADEOS Profile: Rationale A SysML profile to implement SoS basic concepts and their relationships Strong focus on conceptual modelling Capturing both SoS static structure and dynamic behavior The profile makes use of New added constructs Constructs already available in related profiles (MARTE, CONCERTO) Organized in viewpoints driven-components Profile implementation Open source Eclipse integrated development environment along with Papyrus plug-in Page 14
AMADEOS profile components Page 15
Mapping structure view into AMADEOS profile Starting from the high-level graphical representation of Structure message Syntactic Specification or Semantic Specification relies on contains Information Relied Upon Message Interface (RUMI) allows exchange of exhibits consists of System-of- Systems (SoS) integrates Constituent System (CS) Human or Controlled object or Computer system categorized into Directed SoS or Acknowledged SoS or Collaborative SoS or Virtual SoS.we implemented three SysML profile components: SoSArchitecture component SoSCommunication component SoSInterface component Page 16
SoSArchitecture / SoS Communication Page 17
Dynamicity / Evolution Page 18
Time / Emergence Page 19
Toy Example: Smart Grid Household Applying the profile to a toy example to check: soundness of a subsets of semi-formalized concepts which concepts were missing Toy Example Improving the efficiency and the reliability of the production and distribution of electricity in a Smart Grid Keeping production and consumption rate as much balanced as possible for a set of connected households Electronic appliances forward requests of energy by interacting with higher-level sub-systems which decides to grant or deny each request Page 20
Toy Example: structure view Household scenario Page 21
AMADEOS profile possible applications Model-based definition of an SoS with AMADEOS profile Platform Independent Model of an SoS Platform-Specific Models can be defined and used at different stages of system design and validation (MDE approaches) The profile can be integrated into existing SysML MDE tool-chain platforms, such as CONCERTO, Eclipse, to perform e.g. System analysis E.g. Hazard Analysis (HA), Failure Mode and Effect Analysis (FMEA), Fault Tree Analisys (FTA), etc. Source code generation System testing Page 22
Profile application for supporting HA Hazard Analysis application example Typically it identifies and mitigates hazards leading to detrimental situations In our case, it supports the identification of emergent conditions based on the information exchanged through the interfaces Input: Events and interfaces Output Identification of consequences and emergent behaviors Page 23
Workflow: Profile application Page 24
Workflow: Interface Identification Interface among Constituent Systems ID Interface EMG and Coordinator INT_01 Coordinator and DSO Smart meter and Meter Aggregator Meter Aggregator and DSO Command Display and EMG Command Display and Smart meter Smart Meter and Flexible load Smart Meter and EMG EMG and Flexible load PEL EMG and Coordinator INT_02 INT_03 INT_04 INT_05 INT_06 INT_07 INT_08 INT_09 INT_10 Page 25
Workflow: Events Event Event1 Event2 Description A new functionality is added to the command display HMI. The latter can send a message to EMG containing the name/type of electrical appliance involved A new EMG is connected to the Smart Grid to support the provision of energy for public event lighting Page 26
Workflow: Hazards identification Id Event Id Interfac e Guidewor d Hazard Event 1 INT_05 More EMG receives additional information from the new Command Display on the electrical appliance switched on Event 2 INT_10 More The Coordinator receives a request for a very high amount of energy to support the public event lighting Emergent Behavior YES - beneficial YES - detrimental Conseque nce Mitigation EMG can not needed forward additional information to the Coordinator for better balancing the Smart Grid Coordinator, MIT_03: EMG in order to can keep communicate balanced the energy production decrease to and consumption values, decides to limit the provision of energy for the electrical appliance the Command Display (INT_05). The latter supports the reconfiguratio n of the electrical appliances Page 27
Viewpoint-based conceptual modeling Basic SoS concept definition Conclusion Representation of their semantic relationships SysML semi-formalization: AMADEOS profile Vision for the Applicability of the profile for SoS description and analysis Conceptual model refinement to be continued until the end of the project Page 28
Thank You for Your attention Page 29